How to stop hackers attacking hybrid clouds
Adopting a hybrid cloud approach is a very attractive proposition for organizations that want to benefit from the best of both public and private options — and for plenty of good reasons. It is far more flexible than committing entirely to either the public or private cloud in totality but also caters to the various kinds of data and workloads that can be held in different environments depending on their nature. For example, a business may decide its accounts are best kept in the public cloud — but it may also wish to keep sensitive proprietary data closer to home in a private cloud.
That’s probably why the use of hybrid cloud is becoming increasingly popular. Recently released Statista data shows the hybrid cloud market is projected to surge in size between its valuation in 2021 — at the height of COVID-19 pandemic when the cloud was in the ascendency — and 2027. At a projected $262 billion dollars, this is three times the $85 billion dollars it was worth three years ago.
However, there are specific cyber security considerations to bear in mind when adopting a hybrid cloud configuration, and those are unique to this arrangement. Indeed, straddling these two worlds simultaneously means you will need to consider a duality of threats, which can make safeguarding your organization’s perimeter a challenge. Among these cloud security risks are that silos may form and there may be a risk of configuration discrepancies, loss of visibility, and potentially exploitable security gaps.
Straddling the best of both worlds
Using a combination of both private cloud and public cloud services will undoubtedly bring many benefits to any given business. On the one hand, organizations that adopt hybrid cloud have the capacity for control and complete visibility over the infrastructure housed on-premise. For workloads more suitable to the public cloud, organizations will appreciate the flexibility and scalability in addition to the reduced up-front expenditure in whirring up and maintaining the necessary infrastructure.
Legacy business-critical systems don’t need to be ripped out and migrated to the public cloud, while also benefiting from the new possibilities that the public cloud presents. Benefits include the ability to scale up and down operations, and spin up servers, with ease for additional workloads — all the while benefiting from the added protections that public cloud vendors may offer.
While there are certainly benefits to enjoy, any organization hoping to make a hybrid cloud approach work must consider the challenges that this involves, according to guidance released by the NSA.
For instance, companies must become accustomed to the ways that different vendors approach their operations. Maintaining the flow of data in pipelines between the different clouds is also crucial, as is controlling user access to necessary systems. The visibility gap — where some environments may offer more visibility than others — must be closed, and compliance must be maintained to the highest standards across all environments. Finally, there may be a general lack of cloud security expertise in the organization – and that’s a gap that must be plugged.
Hybrid cloud security risks
One of the most significant risks, according to the NSA guidance, is that the nature of the public cloud is vastly different from the private cloud and would require a different set of management skills and capabilities; the latter requiring in-house staff, in particular. Should gaps arise, this may open the door to security lapses that hackers are only too happy to exploit.
Among the biggest concerns facing organizations is the expanding attack surface – which poses real challenges, according to the results of Trend Micro™ research. In a recent study by The Enterprise Strategy Group (ESG) more than half (58%) of enterprises said that detecting vulnerabilities is getting more difficult as their attack surface increases in complexity and size.
What’s more, traditional security testing also covers less than half (47%) of business-critical apps, adversely impacting an organization’s security posture. Elsewhere, data security and compliance are unique challenges that managing a hybrid cloud configuration incurs, according to the Cloud Security Alliance (CSA).
Enterprise-grade hybrid cloud protection
Mitigating the various hybrid cloud risks all organizations face is far from an easy task. That said, there are various products and services that may make that task slightly easier. Trend Vision One™ is one such platform solution that is designed to minimize the attack surface and mitigate the risks that organizations with hybrid cloud configurations face in the modern age. The suite unifies attack surface risk management, detection, and response, as well as policy management, across the breadth of the enterprise.
The growing attack surface demands modern solutions like Trend Vision One™ – Cloud Security, which has the components to better safeguard hybrid cloud services. For instance, the platform offers faster detection thanks to total visibility with automated and continuous internal and external attack surface discovery across all environments — including on-premises and hybrid cloud environments. It also reduces the risk of tool sprawl by consolidating risk management capabilities like asset discovery and vulnerability prioritization. You can also view organizational cyber risk scores across all aspects of the enterprise environment, and gain insights through customizable dashboards.
Plenty of organizations have been reaping the benefits of such a unified approach, including CloudHesive, which has used Trend Cloud Security to safeguard mission-critical systems hosted on AWS.
“Our customers depend on us to stay up to date with the current threat actors and keep their environments secure. We work hard to develop that trust with our customers. We need to know that our environments have the best protection in place and that we’re staying current with open zero days and vulnerabilities—that we’re one step ahead of the threat actors. Which also means we must ensure that our own infrastructure is secure,” said Anthony Palmer, managed services technical lead at CloudHesive.
“Once we onboard a customer, the faster we can get them up and running, the better. With Trend security solutions, we can deploy quickly.”
For CloudHesive, it’s a fantastic tool on top of the endpoint security solution that the company operates – with the easy deployment, in particular, critical in its appeal. Trend Cloud Security combines various security processes — including risk mitigation, threat response, and zero trust access controls — under one unified hood to ensure cyber criminals are kept at bay.
The platform is available on the AWS, Azure, and GCP Marketplaces and represents a crucial component in an organization’s efforts to keep its hybrid cloud environment safe and secure.
Source link